Malware sandboxing report by Hatching Triage

Sharing

Copy URL

Twitter E-mail

General

Target

plan-515372324.xlsb
Size

155KB
Sample

210629-ya5cdesfp2
MD5

08e52afbefa423fb9f1ea0af88a4880e
SHA1

2d688dfee28f75553bc1d3633f891d2e70e0408b
SHA256

aaa32ff3e41c61fe828f0850e702f5ed7ffd6177c4bf80ed15324525537f44cd
SHA512

7a5400ec826ecaa0fa6a8beb9022bd9e918f11cf97e57d747477720889f7203af983620e2f7b543fb1ff5cc5a9eff13447d6353506c862dfe2ebd23b7a63dee8

Score

10^/10

macro xlm

Malware Config

Extracted

Language

xlm4.0

Source

URLs

xlm40.dropper

https://khangland.pro/v8gEDeSB/sun.html

xlm40.dropper

https://jaipurbynite.com/stLdQs9R53/sun.htm

Targets

- Target
  
  plan-515372324.xlsb
- Size
  
  155KB
- MD5
  
  08e52afbefa423fb9f1ea0af88a4880e
- SHA1
  
  2d688dfee28f75553bc1d3633f891d2e70e0408b
- SHA256
  
  aaa32ff3e41c61fe828f0850e702f5ed7ffd6177c4bf80ed15324525537f44cd
- SHA512
  
  7a5400ec826ecaa0fa6a8beb9022bd9e918f11cf97e57d747477720889f7203af983620e2f7b543fb1ff5cc5a9eff13447d6353506c862dfe2ebd23b7a63dee8
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Modify Registry

T1112

Discovery

Query Registry

T1012

System Information Discovery

T1082

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

Sharing

General

Malware Config

Extracted

Targets

Process spawned unexpected child process

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2